Day: October 29, 2018

SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free

Vulnerabilities Summary The vulnerability exists in the AppCache subsystem in Chrome Versions 69.0 and before. This code is located in the privileged browser process outside of the sandbox. The renderer interacts with this subsystem by sending IPC messages from the renderer to the browser process. These messages can cause the browser to make network requests, …

SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free Read More »

SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE

Vulnerabilities Summary The following advisory discusses a vulnerability found in turbofan, the JIT compiler. We can trigger the JavaScript code in a way that leads to type confusion that can be exploited in order to execute code remotely on Google Chrome Versions 69.0 and before. Vendor Response Vendor has fixed the issue in Google Chrome …

SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE Read More »

?

Get in touch